A guide to managing permissions on a client program

Reward Gateway operates a standard role-based access control to manage who has access to what areas within Reward Manager.

Each member can be given one or many roles which will grant them access to several functionalities within the client program. This could be various tasks such as managing member details to authoring blog articles. Once a member has been granted these additional roles, they may be referred to as "Administrators" with access to Reward Manager.

Out of the many roles that members can be granted access to, there are two specific roles that are quite important. 

Member Access Control Administrator - Responsible for managing who has access to the platform 

Permission Manager - Responsible for managing what level of access each member has

Things to note

• Every client program must have at least one permission manager (No upper limit on maximum)
• Every administrative access request MUST be approved by at least one Permission Manager
• To grant administrative access, a user MUST have Member Access Control administrator capabilities
• The first-ever permission manager access request will be approved automatically
• Member Access Control Administrators can remind / re-notify the Permission Managers at any time about a pending administrative access request

Process of granting administrative privileges 

To grant administrative privileges to any member involves both an existing Member Access Control Administrator and a Permission Manager on the program. This is to ensure there is a separation of duty during this process and to limit mistakes.

Step 1

Member Access Control Administrator to search for the member on Reward Manager and use the Options to Assign Member Roles.

All-access roles and their capabilities will be displayed on the subsequent screen. Once the specific roles are chosen the administrator can save these using the save option on the page.

This will then send a request to all registered Permission Managers, an email requesting them to approve this. 

Step 2

Permission Managers in the program will receive an email to action the request from Step 1. Once the link on the email is clicked the request to grant this member will be actioned automatically.

Step 3

Member receives an email notifying them of the access and how they can log in to Reward Manager to access the new administrative areas. 

Notes on specific roles

• The Reward Recognition Approver role is assigned automatically when the Implementation or Client Support Team add a user as on a specific AwardNominator™ program. If the role is added through the Assign Member Roles option described here, the user will still need to be added to any Nomination programs they need to access, as a separate step.
• The Reward Recognition Super Approver role is always assigned through the Assign Member Roles option described here. Users who have this role will be able to review all nominations in any of the AwardNominator™ programs available on the platform.
• The Instant Awards Owner role is assigned automatically when the Implementation or Client Support Team add a user to one or more InstantAwards™ pots. If the role is added through the Assign Member Roles option described here, the user will still need to be added to any InstantAwards™ pots they need to access, as a separate step. 

• The SmartPay Product Administrator role is assigned automatically when a user is added as a "Product Approver" (What roles and permission levels are there in SmartPay™?) for one or multiple SmartPay products. However, if the role is added through the Assign Member Roles option described above, the user will still need to be added as an approver to a specific SmartPay Product to have the proper access. 
• The SmartPay Payroll Administrator role is assigned automatically when a user is added as a "Payroll Approver" (What roles and permission levels are there in SmartPay™?) for one or multiple SmartPay products. However, if the role is added through the Assign Member Roles option described above, the user will still need to be added as an approver to a specific SmartPay payroll to have the proper access.